From 792921f4eb31f1ac584be7fe7441e33755fd4672 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 7 May 2008 17:34:12 +0000 Subject: [PATCH] - Add sedefaultcon and setconlist commands to dump login context --- libselinux-rhat.patch | 71 +++++++++++++++++++++++++++++++++++-------- libselinux.spec | 12 +++++--- 2 files changed, 66 insertions(+), 17 deletions(-) diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index 444dd19..844d236 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -1,6 +1,51 @@ -diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.61/src/matchpathcon.c +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxconlist.8 libselinux-2.0.64/man/man8/selinuxconlist.8 +--- nsalibselinux/man/man8/selinuxconlist.8 1969-12-31 19:00:00.000000000 -0500 ++++ libselinux-2.0.64/man/man8/selinuxconlist.8 2008-05-07 13:32:06.000000000 -0400 +@@ -0,0 +1,18 @@ ++.TH "selinuxconlist" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation" ++.SH "NAME" ++selinuxconlist \- list all SELinux context reachable for user ++.SH "SYNOPSIS" ++.B selinuxconlist [-l level] user [context] ++ ++.SH "DESCRIPTION" ++.B selinuxconlist ++reports the list of context reachable for user from the current context or specified context ++ ++.B \-l level ++mcs/mls level ++ ++.SH AUTHOR ++This manual page was written by Dan Walsh . ++ ++.SH "SEE ALSO" ++secon(8), selinuxdefcon(8) +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxdefcon.8 libselinux-2.0.64/man/man8/selinuxdefcon.8 +--- nsalibselinux/man/man8/selinuxdefcon.8 1969-12-31 19:00:00.000000000 -0500 ++++ libselinux-2.0.64/man/man8/selinuxdefcon.8 2008-05-07 13:32:25.000000000 -0400 +@@ -0,0 +1,19 @@ ++.TH "selinuxdefcon" "1" "7 May 2008" "dwalsh@redhat.com" "SELinux Command Line documentation" ++.SH "NAME" ++selinuxdefcon \- list default SELinux context for user ++ ++.SH "SYNOPSIS" ++.B selinuxdefcon [-l level] user [fromcon] ++ ++.SH "DESCRIPTION" ++.B seconlist ++reports the default context for the specified user from current context or specified context ++ ++.B \-l level ++mcs/mls level ++ ++.SH AUTHOR ++This manual page was written by Dan Walsh . ++ ++.SH "SEE ALSO" ++secon(8), selinuxconlist(8) +diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.64/src/matchpathcon.c --- nsalibselinux/src/matchpathcon.c 2007-09-28 09:48:58.000000000 -0400 -+++ libselinux-2.0.61/src/matchpathcon.c 2008-04-16 13:25:25.000000000 -0400 ++++ libselinux-2.0.64/src/matchpathcon.c 2008-05-07 13:08:06.000000000 -0400 @@ -2,6 +2,7 @@ #include #include @@ -18,9 +63,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux va_end(ap); } -diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-2.0.61/src/selinux.py ---- nsalibselinux/src/selinux.py 2008-01-23 14:36:29.000000000 -0500 -+++ libselinux-2.0.61/src/selinux.py 2008-04-16 13:25:25.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-2.0.64/src/selinux.py +--- nsalibselinux/src/selinux.py 2008-05-06 14:33:15.000000000 -0400 ++++ libselinux-2.0.64/src/selinux.py 2008-05-07 13:08:06.000000000 -0400 @@ -300,6 +300,204 @@ selinux_file_context_cmp = _selinux.selinux_file_context_cmp selinux_file_context_verify = _selinux.selinux_file_context_verify @@ -226,9 +271,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-2.0 selinux_default_type_path = _selinux.selinux_default_type_path get_default_type = _selinux.get_default_type SELINUX_DEFAULTUSER = _selinux.SELINUX_DEFAULTUSER -diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-2.0.61/src/selinuxswig.i ---- nsalibselinux/src/selinuxswig.i 2008-01-23 14:36:29.000000000 -0500 -+++ libselinux-2.0.61/src/selinuxswig.i 2008-04-16 13:25:25.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-2.0.64/src/selinuxswig.i +--- nsalibselinux/src/selinuxswig.i 2008-05-06 14:33:15.000000000 -0400 ++++ libselinux-2.0.64/src/selinuxswig.i 2008-05-07 13:08:06.000000000 -0400 @@ -5,6 +5,7 @@ %module selinux %{ @@ -248,9 +293,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux- %include "../include/selinux/get_default_type.h" %include "../include/selinux/get_context_list.h" + -diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libselinux-2.0.61/src/selinuxswig_python.i +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libselinux-2.0.64/src/selinuxswig_python.i --- nsalibselinux/src/selinuxswig_python.i 2007-10-01 09:54:35.000000000 -0400 -+++ libselinux-2.0.61/src/selinuxswig_python.i 2008-04-16 13:25:25.000000000 -0400 ++++ libselinux-2.0.64/src/selinuxswig_python.i 2008-05-07 13:08:06.000000000 -0400 @@ -16,6 +16,20 @@ $result = SWIG_Python_AppendOutput($result, list); } @@ -272,9 +317,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libs /* Makes security_compute_user() return a Python list of contexts */ %typemap(argout) (security_context_t **con) { PyObject* plist; -diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-2.0.61/src/selinuxswig_wrap.c ---- nsalibselinux/src/selinuxswig_wrap.c 2008-01-23 14:36:29.000000000 -0500 -+++ libselinux-2.0.61/src/selinuxswig_wrap.c 2008-04-16 13:25:25.000000000 -0400 +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-2.0.64/src/selinuxswig_wrap.c +--- nsalibselinux/src/selinuxswig_wrap.c 2008-05-06 14:33:15.000000000 -0400 ++++ libselinux-2.0.64/src/selinuxswig_wrap.c 2008-05-07 13:08:06.000000000 -0400 @@ -2458,21 +2458,36 @@ #define SWIGTYPE_p_SELboolean swig_types[0] diff --git a/libselinux.spec b/libselinux.spec index 84ee7e1..2994064 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -4,7 +4,7 @@ Summary: SELinux library and simple utilities Name: libselinux Version: 2.0.64 -Release: 1%{?dist} +Release: 2%{?dist} License: Public Domain Group: System Environment/Libraries Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz @@ -81,9 +81,6 @@ make DESTDIR="%{buildroot}" LIBDIR="%{buildroot}%{_libdir}" SHLIBDIR="%{buildroo rm -f %{buildroot}%{_sbindir}/compute_* rm -f %{buildroot}%{_sbindir}/deftype rm -f %{buildroot}%{_sbindir}/execcon -rm -f %{buildroot}%{_sbindir}/getcon -rm -f %{buildroot}%{_sbindir}/getconlist -rm -f %{buildroot}%{_sbindir}/getdefaultcon rm -f %{buildroot}%{_sbindir}/getenforcemode rm -f %{buildroot}%{_sbindir}/getfilecon rm -f %{buildroot}%{_sbindir}/getpidcon @@ -94,6 +91,8 @@ rm -f %{buildroot}%{_sbindir}/selinuxconfig rm -f %{buildroot}%{_sbindir}/selinuxdisable rm -f %{buildroot}%{_sbindir}/getseuser rm -f %{buildroot}%{_sbindir}/selinux_check_securetty_context +mv %{buildroot}%{_sbindir}/getdefaultcon %{buildroot}%{_sbindir}/selinuxdefcon +mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist %clean rm -rf %{buildroot} @@ -113,6 +112,8 @@ exit 0 %{_sbindir}/getenforce %{_sbindir}/getsebool %{_sbindir}/matchpathcon +%{_sbindir}/selinuxconlist +%{_sbindir}/selinuxdefcon %{_sbindir}/selinuxenabled %{_sbindir}/setenforce %{_sbindir}/togglesebool @@ -137,6 +138,9 @@ exit 0 %{python_sitearch}/selinux/* %changelog +* Wed May 7 2008 Dan Walsh - 2.0.64-2 +- Add sedefaultcon and setconlist commands to dump login context + * Tue Apr 22 2008 Dan Walsh - 2.0.64-1 - Update to Upstream * Fixed selinux_set_callback man page.